[jira] [Resolved] (KNOX-1779) Add HTTP X-XSS-Protection response header support for WebAppSec Provider

[ https://issues.apache.org/jira/browse/KNOX-1779?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey resolved KNOX-1779. -- Resolution: Implemented > Add HTTP X-XSS-Protection response header support for WebAppSec Provid

[jira] [Comment Edited] (KNOX-1779) Add HTTP X-XSS-Protection response header support for WebAppSec Provider

[ https://issues.apache.org/jira/browse/KNOX-1779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16772898#comment-16772898 ] Krishna Pandey edited comment on KNOX-1779 at 2/20/19 11:02 AM:

[jira] [Commented] (KNOX-1779) Add HTTP X-XSS-Protection response header support for WebAppSec Provider

[ https://issues.apache.org/jira/browse/KNOX-1779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16772898#comment-16772898 ] Krishna Pandey commented on KNOX-1779: -- [~krisden] As I started working on this issue

[jira] [Updated] (KNOX-1779) Add HTTP X-XSS-Protection response header support for WebAppSec Provider

[ https://issues.apache.org/jira/browse/KNOX-1779?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-1779: - Attachment: Screenshot 2019-02-20 at 4.24.18 PM.png > Add HTTP X-XSS-Protection response header su

[jira] [Commented] (KNOX-1779) Add HTTP X-XSS-Protection response header support for WebAppSec Provider

[ https://issues.apache.org/jira/browse/KNOX-1779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16772542#comment-16772542 ] Krishna Pandey commented on KNOX-1779: -- [~krisden] I intend to provide a patch shortl

[jira] [Created] (KNOX-1779) Add HTTP X-XSS-Protection response header support for WebAppSec Provider

Krishna Pandey created KNOX-1779: Summary: Add HTTP X-XSS-Protection response header support for WebAppSec Provider Key: KNOX-1779 URL: https://issues.apache.org/jira/browse/KNOX-1779 Project: Apache

[jira] [Commented] (KNOX-1028) X-Frame-Options and other security headers are ineffective

[ https://issues.apache.org/jira/browse/KNOX-1028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157883#comment-16157883 ] Krishna Pandey commented on KNOX-1028: -- Thanks [~lmc...@apache.org]. I tested this loc

[jira] [Updated] (KNOX-1028) X-Frame-Options and other security headers are ineffective

[ https://issues.apache.org/jira/browse/KNOX-1028?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-1028: - Description: When xframe-options.enabled param is set to true in WebAppSec provider, the same is n

[jira] [Updated] (KNOX-1028) X-Frame-Options and other security headers are ineffective

[ https://issues.apache.org/jira/browse/KNOX-1028?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-1028: - Description: When xframe-options.enabled param is set to true in WebAppSec provider, the same is n

[jira] [Updated] (KNOX-1028) X-Frame-Options and other security headers are ineffective

[ https://issues.apache.org/jira/browse/KNOX-1028?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-1028: - Description: When xframe-options.enabled param is set to true in WebAppSec provider, the same is n

[jira] [Created] (KNOX-1028) X-Frame-Options and other security headers are ineffective

Krishna Pandey created KNOX-1028: Summary: X-Frame-Options and other security headers are ineffective Key: KNOX-1028 URL: https://issues.apache.org/jira/browse/KNOX-1028 Project: Apache Knox

[jira] [Updated] (KNOX-1017) Add support for enabling "Strict-Transport-Security" header in Knox responses

[ https://issues.apache.org/jira/browse/KNOX-1017?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-1017: - Component/s: Server > Add support for enabling "Strict-Transport-Security" header in Knox > respo

[jira] [Updated] (KNOX-1017) Add support for enabling "Strict-Transport-Security" header in Knox responses

[ https://issues.apache.org/jira/browse/KNOX-1017?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-1017: - Labels: headers (was: ) > Add support for enabling "Strict-Transport-Security" header in Knox >

[jira] [Updated] (KNOX-1017) Add support for enabling "Strict-Transport-Security" header in Knox responses

[ https://issues.apache.org/jira/browse/KNOX-1017?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-1017: - Description: The HTTP Strict-Transport-Security response header is a security feature that lets a

[jira] [Updated] (KNOX-1017) Add support for enabling "Strict-Transport-Security" header in Knox responses

[ https://issues.apache.org/jira/browse/KNOX-1017?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-1017: - Summary: Add support for enabling "Strict-Transport-Security" header in Knox responses (was: Ad

[jira] [Updated] (KNOX-933) PicketLink Provider must set Secure and HTTPOnly flags on Cookie

[ https://issues.apache.org/jira/browse/KNOX-933?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-933: Attachment: KNOX-933_master_v2.patch > PicketLink Provider must set Secure and HTTPOnly flags on Cooki

[jira] [Commented] (KNOX-933) PicketLink Provider must set Secure and HTTPOnly flags on Cookie

[ https://issues.apache.org/jira/browse/KNOX-933?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16011780#comment-16011780 ] Krishna Pandey commented on KNOX-933: - [~lmccay] Thanks for pointing that out and I comp

[jira] [Updated] (KNOX-933) PicketLink Provider must set Secure and HTTPOnly flags on Cookie

[ https://issues.apache.org/jira/browse/KNOX-933?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-933: Attachment: KNOX-933_master_v1.patch Attaching patch. > PicketLink Provider must set Secure and HTTPO

[jira] [Assigned] (KNOX-933) PicketLink Provider must set Secure and HTTPOnly flags on Cookie

[ https://issues.apache.org/jira/browse/KNOX-933?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey reassigned KNOX-933: --- Assignee: Krishna Pandey > PicketLink Provider must set Secure and HTTPOnly flags on Cookie > -

[jira] [Assigned] (KNOX-932) Option to remove the server-name from HTTP-header response

[ https://issues.apache.org/jira/browse/KNOX-932?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey reassigned KNOX-932: --- Assignee: Krishna Pandey > Option to remove the server-name from HTTP-header response > --

[jira] [Commented] (KNOX-932) Option to remove the server-name from HTTP-header response

[ https://issues.apache.org/jira/browse/KNOX-932?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15994657#comment-15994657 ] Krishna Pandey commented on KNOX-932: - It would be nice to have this as configurable pro

[jira] [Updated] (KNOX-925) Configurable - Encryption Algorithm and it's key size, Salt and iteration count for PBKDF

[ https://issues.apache.org/jira/browse/KNOX-925?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-925: Priority: Minor (was: Major) > Configurable - Encryption Algorithm and it's key size, Salt and iterat

[jira] [Created] (KNOX-925) Configurable - Encryption Algorithm and it's key size, Salt and iteration count for PBKDF

Krishna Pandey created KNOX-925: --- Summary: Configurable - Encryption Algorithm and it's key size, Salt and iteration count for PBKDF Key: KNOX-925 URL: https://issues.apache.org/jira/browse/KNOX-925 Pro

[jira] [Comment Edited] (KNOX-915) Adding example PAM config for Ubuntu in Knox User Guide under PAM Based Authentication section

[ https://issues.apache.org/jira/browse/KNOX-915?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15948465#comment-15948465 ] Krishna Pandey edited comment on KNOX-915 at 3/30/17 5:57 AM: --

[jira] [Commented] (KNOX-915) Adding example PAM config for Ubuntu in Knox User Guide under PAM Based Authentication section

[ https://issues.apache.org/jira/browse/KNOX-915?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15948465#comment-15948465 ] Krishna Pandey commented on KNOX-915: - I've created a new patch from location http://sv

[jira] [Comment Edited] (KNOX-915) Adding example PAM config for Ubuntu in Knox User Guide under PAM Based Authentication section

[ https://issues.apache.org/jira/browse/KNOX-915?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15948465#comment-15948465 ] Krishna Pandey edited comment on KNOX-915 at 3/30/17 5:56 AM: --

[jira] [Updated] (KNOX-915) Adding example PAM config for Ubuntu in Knox User Guide under PAM Based Authentication section

[ https://issues.apache.org/jira/browse/KNOX-915?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-915: Attachment: KNOX-915_v.0.12.0_v2.patch > Adding example PAM config for Ubuntu in Knox User Guide under

[jira] [Updated] (KNOX-915) Adding example PAM config for Ubuntu in Knox User Guide under PAM Based Authentication section

[ https://issues.apache.org/jira/browse/KNOX-915?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-915: Attachment: KNOX-915_v0.12.0_v1.patch > Adding example PAM config for Ubuntu in Knox User Guide under

[jira] [Updated] (KNOX-915) Adding example PAM config for Ubuntu in Knox User Guide under PAM Based Authentication section

[ https://issues.apache.org/jira/browse/KNOX-915?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-915: Status: Patch Available (was: Open) We need to have below entries in /etc/pam.d/login file in Ubuntu

[jira] [Created] (KNOX-915) Adding example PAM config for Ubuntu in Knox User Guide under PAM Based Authentication section

Krishna Pandey created KNOX-915: --- Summary: Adding example PAM config for Ubuntu in Knox User Guide under PAM Based Authentication section Key: KNOX-915 URL: https://issues.apache.org/jira/browse/KNOX-915

[jira] [Updated] (KNOX-722) Null Pointer Exception while accessing Services via Knox SSO configured for OKTA

[ https://issues.apache.org/jira/browse/KNOX-722?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-722: Attachment: Screen Shot 2016-07-13 at 12.12.00 AM.png > Null Pointer Exception while accessing Service

[jira] [Created] (KNOX-722) Null Pointer Exception while accessing Services via Knox SSO configured for OKTA

Krishna Pandey created KNOX-722: --- Summary: Null Pointer Exception while accessing Services via Knox SSO configured for OKTA Key: KNOX-722 URL: https://issues.apache.org/jira/browse/KNOX-722 Project: Apa

[jira] [Updated] (KNOX-718) redirecting back after authentication, not valid according to the configured whitelist

[ https://issues.apache.org/jira/browse/KNOX-718?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-718: Description: User does not get any warning for rejection due to whitelist when logging through KnoxSS

[jira] [Updated] (KNOX-718) redirecting back after authentication, not valid according to the configured whitelist

[ https://issues.apache.org/jira/browse/KNOX-718?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Krishna Pandey updated KNOX-718: Summary: redirecting back after authentication, not valid according to the configured whitelist (was:

[jira] [Created] (KNOX-718) redirecting back after authentication is not valid according to the configured whitelist

Krishna Pandey created KNOX-718: --- Summary: redirecting back after authentication is not valid according to the configured whitelist Key: KNOX-718 URL: https://issues.apache.org/jira/browse/KNOX-718 Proj